/*
 * 
 * LegendShop 多用户商城系统
 * 
 *  版权所有,并保留所有权利。
 * 
 */
package com.legendshop.oa.controller;

import com.legendshop.framework.controller.BaseController;
import com.legendshop.oa.constants.PathResolver;
import com.legendshop.oa.model.AdminUser;
import com.legendshop.oa.model.AdminUserPassword;
import com.legendshop.oa.pages.AdminTilesPage;
import com.legendshop.oa.pages.FowardPage;
import com.legendshop.oa.pages.RedirectPage;
import com.legendshop.oa.security.UserDetail;
import com.legendshop.oa.security.UserManager;
import com.legendshop.oa.util.MD5Util;
import com.legendshop.permission.service.AdminUserService;
import com.legendshop.util.LogDateUtil;
import com.legendshop.util.PasswordUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Calendar;
import java.util.Date;

/**
 * 密码处理控制器.
 */
@Controller
@RequestMapping("/admin/passwd")
public class PasswordController extends BaseController {
	/** The log. */
	private final Logger log = LoggerFactory.getLogger(PasswordController.class);

	@Autowired
	private AdminUserService adminUserService;

	/**
	 * 加载编辑页面
	 */
	@RequestMapping(value = "/load")
	public String load(HttpServletRequest request, HttpServletResponse response) {
		AdminUser adminUser = adminUserService.getAdminUser(UserManager.getUserId(request));
		request.setAttribute("adminUser", adminUser);
		return PathResolver.getPath(request, response, AdminTilesPage.PASSWD_EDIT_PAGE);
	}



	/**
	 * 修改密码
	 */
	@RequestMapping(value = "/update", method = RequestMethod.POST)
	public String updatePasswd(HttpServletRequest request, HttpServletResponse response, AdminUserPassword userPassword) {
		if (UserManager.isUserLogined(request.getSession())) {//已经登录的

			if(!PasswordUtil.isPasswordOK(userPassword.getPassword())){
				request.setAttribute("result", "更新密码失败，密码必须由大小写字母+数字+特殊符号组合，长度大于8位。");
				//返回结果页面
				return PathResolver.getPath(request, response, FowardPage.PASSWORD_UPDATE_RESUT);
			}

			UserDetail userDetail = UserManager.getUser(request);

			AdminUser orgin = adminUserService.getAdminUser(userDetail.getUserId());

			String oldEnCryptPasswd = MD5Util.toMD5Password(orgin.getName(), userPassword.getOldPassword());

			if (oldEnCryptPasswd.equals(orgin.getPassword())) {
				String newEnCryptPasswd = MD5Util.toMD5Password(orgin.getName(), userPassword.getPassword());
				if (!oldEnCryptPasswd.equals(newEnCryptPasswd)) {// 密码不相等才修改
					orgin.setPassword(newEnCryptPasswd);
					orgin.setModifyDate(new Date());
					orgin.setChangePass(0);//
					orgin.setPassChangeDate(LogDateUtil.getPasswordChangeDate());
					adminUserService.updateAdminUser(orgin);
					request.setAttribute("result", "更新密码成功");

					//更新用户的下次密码更新时间
				} else {
					request.setAttribute("result", "更新密码失败，密码过于简单和不能跟旧密码一致");
				}
			}else{
				request.setAttribute("result", "更新密码失败，原密码错误");
			}

				//返回结果页面
				return PathResolver.getPath(request, response, FowardPage.PASSWORD_UPDATE_RESUT);
			} else {
				return PathResolver.getPath(request, response, RedirectPage.ADMIN_LOGIN);
			}
		}


	/**
	 * 加载密码编辑页面结果页
	 */
	@RequestMapping(value = "/updateResult")
	public String updateResult(HttpServletRequest request, HttpServletResponse response) {
		return PathResolver.getPath(request, response, AdminTilesPage.PASSWD_EDIT_RESULT_PAGE);
	}

}
